package com.gitee.form_token.controller;

import com.gitee.form_token.annotation.AppLogin;
import com.gitee.form_token.common.Result;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/app/user")
public class AppUserController {

    @AppLogin
    @PostMapping("/create")
    public Result create() {
        return Result.success("create");
    }

    @GetMapping("/read")
    public Result read(HttpServletRequest request) {
        return Result.success("read");
    }

    @PreAuthorize("hasAuthority('user_update')")
    @PutMapping("/update")
    public Result update() {
        return Result.success("update");
    }

    @PreAuthorize("@myValid.has('user_delete')")
    @DeleteMapping("/delete")
    public Result delete() {
        return Result.success("delete");
    }

}
